Static task
static1
General
Target: 4a7b88ca6ff38702c379c3dc1e98a4f2_JaffaCakes118
Size: 1KB
MD5: 4a7b88ca6ff38702c379c3dc1e98a4f2
SHA1: 01bafa465ce99e9accc2946af149f699ebb074e8
SHA256: 59b884373ba3e7e3d063635ecc0930faf30531d6304a234e2087e4a0f63d9395
SHA512: 9b4f4346bb6bcfeebb2dce82cc39a36084ec9d681dbee3595301addc1ab99f42fa7bf8b9db6a0376129496bd0eddde7e2eec19c255cd8e142b2d8fe634691366
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4a7b88ca6ff38702c379c3dc1e98a4f2_JaffaCakes118
Files
4a7b88ca6ff38702c379c3dc1e98a4f2_JaffaCakes118.sys windows:4 windows x86 arch:x86
b6d08cc1950cbb580ee9dc8873781b91
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ntoskrnl.exe
IoGetDeviceObjectPointer
IoDriverObjectType
IoCallDriver
ObReferenceObjectByName
ObDereferenceObject
IoBuildDeviceIoControlRequest
ndis.sys
NdisRegisterProtocol
NdisDeregisterProtocol
Sections
.text Size: 736B - Virtual size: 732B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 160B - Virtual size: 132B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 320B - Virtual size: 320B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 64B - Virtual size: 38B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ